Merge remote-tracking branch 'origin/v2-dev' into v2-dev

2026-05-18 06:17:31 +08:00 · 2025-10-11 17:00:00 +08:00
parent 08094c2660 fda82c82b0
commit 9d4e2c98a3
167 changed files with 3871 additions and 1223 deletions
@@ -3,7 +3,7 @@ on:
  push:
    branches: ['v2-dev']
    paths:
-      - "build.trigger"
+      - "trigger/build.trigger"
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
@@ -82,34 +82,4 @@ jobs:
          push: true
          context: ./packages/ui/
          tags: |
            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}
            greper/certd:latest
            greper/certd:${{steps.get_certd_version.outputs.result}}
            ghcr.io/${{ github.repository }}:latest
            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}
      - name: Build armv7
        uses: docker/build-push-action@v6
        with:
          platforms: linux/arm/v7
          push: true
          context: ./packages/ui/
          tags: |
            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
            greper/certd:armv7
            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
            ghcr.io/${{ github.repository }}:armv7
            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}-armv7
 #      - name: Build agent
 #        uses: docker/build-push-action@v6
 #        with:
 #          platforms: linux/amd64,linux/arm64
 #          push: true
 #          context: ./packages/ui/agent/
 #          tags: |
 #            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:latest
 #            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
 #            greper/certd-agent:latest
 #            greper/certd-agent:${{steps.get_certd_version.outputs.result}}
@@ -3,12 +3,13 @@ on:
  push:
    branches: ['v2-dev']
    paths:
-      - "deploy.trigger"
+      - "trigger/deploy.trigger"
  workflow_run:
    workflows: [ "build-image" ]
    types:
      - completed
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -54,14 +55,3 @@ jobs:
          retry-count: 3
          retry-delay: 5000
      - name: deploy-certd-doc
        uses: tyrrrz/action-http-request@master
        with:
          url: http://flow-openapi.aliyun.com/pipeline/webhook/IiSxLDp9aOhgDUxJPytv
          method: POST
          body: |
            {}
          headers: |
            Content-Type: application/json
          retry-count: 3
          retry-delay: 5000
@@ -1,9 +1,13 @@
-name: build-image-for-test
+name: build-image-for-release
 on:
  push:
    branches: ['v2-dev']
    paths:
-      - "build-dev.trigger"
+      - "trigger/release.trigger"
 #  workflow_run:
 #    workflows: [ "deploy-demo" ]
 #    types:
 #      - completed
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
@@ -20,7 +24,7 @@ jobs:
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
-          ref: v2-dev
+          lfs: true
      - name: get_certd_version
        id: get_certd_version
@@ -75,17 +79,19 @@ jobs:
          username: ${{ secrets.dockerhub_username }}
          password: ${{ secrets.dockerhub_password }}
-#      - name: Build default platforms
+      - name: Build default platforms
-#        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v6
-#        with:
+        with:
-#          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64,linux/arm64
-#          push: true
+          push: true
-#          context: ./packages/ui/
+          context: ./packages/ui/
-#          tags: |
+          tags: |
-#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-dev:latest
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
-#            greper/certd-dev:latest
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}
-#            ghcr.io/${{ github.repository }}:dev-latest
+            greper/certd:latest
-
+            greper/certd:${{steps.get_certd_version.outputs.result}}
            ghcr.io/${{ github.repository }}:latest
            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}
      - name: Build armv7
        uses: docker/build-push-action@v6
        with:
@@ -97,3 +103,29 @@ jobs:
            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
            greper/certd:armv7
            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
            ghcr.io/${{ github.repository }}:armv7
            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}-armv7
 #      - name: Build agent
 #        uses: docker/build-push-action@v6
 #        with:
 #          platforms: linux/amd64,linux/arm64
 #          push: true
 #          context: ./packages/ui/agent/
 #          tags: |
 #            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:latest
 #            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
 #            greper/certd-agent:latest
 #            greper/certd-agent:${{steps.get_certd_version.outputs.result}}
      - name: deploy-certd-doc
        uses: tyrrrz/action-http-request@master
        with:
          url: http://flow-openapi.aliyun.com/pipeline/webhook/IiSxLDp9aOhgDUxJPytv
          method: POST
          body: |
            {}
          headers: |
            Content-Type: application/json
          retry-count: 3
          retry-delay: 5000
@@ -1,6 +1,5 @@
 ./packages/core/lego
 # IntelliJ project files
 .vscode/
 node_modules/
 npm-debug.log
 yarn-error.log
@@ -30,5 +29,4 @@ test/**/*.js
 /packages/ui/certd-server/data/db.sqlite
 /packages/ui/certd-server/data/keys.yaml
 /packages/pro/
 test.js
@@ -1,2 +1,6 @@
 link-workspace-packages=deep
 prefer-workspace-packages=true
 better_sqlite3_binary_host=https://registry.npmmirror.com/-/binary/better-sqlite3
 better_sqlite3_binary_host_mirror=https://registry.npmmirror.com/-/binary/better-sqlite3
 better-sqlite3_binary_host=https://registry.npmmirror.com/-/binary/better-sqlite3
 better-sqlite3_binary_host_mirror=https://registry.npmmirror.com/-/binary/better-sqlite3
@@ -0,0 +1,43 @@
 {
    // 使用 IntelliSense 了解相关属性。 
    // 悬停以查看现有属性的描述。
    // 欲了解更多信息，请访问: https://go.microsoft.com/fwlink/?linkid=830387
    "version": "0.2.0",
    "configurations": [
        {
            "name": "client",
            "type": "node",
            "request": "launch",
            "cwd": "${workspaceFolder}/packages/ui/certd-client",
            "runtimeExecutable": "pnpm",
            "runtimeArgs": ["dev"],
            "console": "integratedTerminal",
            "internalConsoleOptions": "neverOpen"
        },
        {
            "name": "server",
            "type": "node",
            "request": "launch",
            "cwd": "${workspaceFolder}/packages/ui/certd-server",
            "runtimeExecutable": "pnpm",
            "runtimeArgs": ["dev"],
            "console": "integratedTerminal",
            "internalConsoleOptions": "neverOpen"
        },
        {
            "name": "server-local-plus",
            "type": "node",
            "request": "launch",
            "cwd": "${workspaceFolder}/packages/ui/certd-server",
            "runtimeExecutable": "npm",
            "runtimeArgs": ["run", "dev-localplus"],
            "console": "integratedTerminal",
            "internalConsoleOptions": "neverOpen",
            "env": {
                "plus_use_prod": "false",
                "PLUS_SERVER_BASE_URL": "http://127.0.0.1:11007"
            }
        }
    ]
 }
@@ -0,0 +1,5 @@
 {
    "eslint.debug": false,
    "eslint.format.enable": true,
    "typescript.tsc.autoDetect": "watch"
 }
@@ -0,0 +1,52 @@
 {
    "version": "2.0.0",
    "tasks": [
        {
            "label": "启动Client",
            "type": "shell",
            "command": "npm",
            "args": ["run", "dev"],
            "options": {
                "cwd": "${workspaceFolder}/packages/ui/certd-client"
            },
            "group": {
                "kind": "build",
                "isDefault": true
            },
            "presentation": {
                "echo": true,
                "reveal": "always",
                "focus": false,
                "panel": "shared"
            }
        },
        {
            "label": "启动Server",
            "type": "shell",
            "command": "npm",
            "args": ["run", "dev"],
            "options": {
                "cwd": "${workspaceFolder}/packages/ui/certd-server"
            },
            "group": {
                "kind": "build",
                "isDefault": true
            },
            "presentation": {
                "echo": true,
                "reveal": "always",
                "focus": false,
                "panel": "shared"
            }
        },
        {
            "label": "同时启动Client和Server",
            "dependsOn": ["启动Client", "启动Server"],
            "group": {
                "kind": "build",
                "isDefault": true
            },
            "problemMatcher": []
        }
    ]
 }
@@ -3,6 +3,74 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 ### Bug Fixes
 * 修复版本比较bug ([109696e](https://github.com/certd/certd/commit/109696e965d68c50c8627ffd40203edd1d2daea5))
 * 修复某些情况下cname申请证书报错主域名不一致的bug ([2671781](https://github.com/certd/certd/commit/2671781e1bb0838981728d85eacf0e1a25a0fa48))
 ### Performance Improvements
 * cname主域名校验提示优化，显示不一致的两方便于排查问题 ([6ebb365](https://github.com/certd/certd/commit/6ebb3659f42155e4e8da600c493fb5227cd08137))
 * dns解析支持阿里esa ([9291fa6](https://github.com/certd/certd/commit/9291fa68aa7a88a05c2f888bf3048df36a8fbde3))
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 ### Features
 * @certd/ui-server module import报错的问题 ([0c61d4c](https://github.com/certd/certd/commit/0c61d4c9788677c83c567db5381b9e257ec90bba))
 * dist打包前检查 ([8f6e5bd](https://github.com/certd/certd/commit/8f6e5bd24b3b65fbfcba36c08f532a3abad2d606))
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 ### Bug Fixes
 * 固定midwayjs版本，修复ui-server import 错误的bug ([eb4d125](https://github.com/certd/certd/commit/eb4d125eaf4a41e88c752d0c68993829589f8f27))
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 ### Bug Fixes
 * 修复 ui-server 加载失败问题 ([c2ccdbe](https://github.com/certd/certd/commit/c2ccdbec9dd08bca4688eeb2f34d0105eec43ba1))
 * 修复 ui-server 加载失败问题 ([063f5c3](https://github.com/certd/certd/commit/063f5c3b55e47df22543a64f02e039e84f92cd14))
 ### Performance Improvements
 * 重置管理员密码同时会关闭验证码，防止验证码失效之后无法登录 ([03899d4](https://github.com/certd/certd/commit/03899d4d9c76fc2077dacc53ab88e2c9ca41af7c))
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 ### Bug Fixes
 * 授权页面，id列位置不在第一列的bug ([3f1722d](https://github.com/certd/certd/commit/3f1722d54debcb4849dc14521a2da0d9b304b69f))
 ### Performance Improvements
 * 动态加载验证码script ([dcc396a](https://github.com/certd/certd/commit/dcc396afb7a23aeb8af57c01014b09af5f033e61))
 * 开启子域名托管之后cname记录支持重置 ([54c8d62](https://github.com/certd/certd/commit/54c8d622437761d350db0f17e07f7517f1911211))
 * 手动上传证书优化，增加到期前报错提醒 ([3d42bfd](https://github.com/certd/certd/commit/3d42bfd479eaacc4a49c401224815a6e2a0204b0))
 * 验证码支持测试，登录验证码需要测试通过后才能开启 ([83e6476](https://github.com/certd/certd/commit/83e6476408090b741fabb1b542fb458d9a8b4134))
 * 支持腾讯云验证码 ([03f317f](https://github.com/certd/certd/commit/03f317ffdb6595ce70e8a2302b05f390c52110c8))
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 ### Bug Fixes
 * 修复旧版本升级上来报错eab授权的bug ([b76f2e2](https://github.com/certd/certd/commit/b76f2e2008a7fefac4c91179c45c56c7a7a84b71))
 * 选择授权对话框编辑时，名称字段排在最后的bug ([31cfb09](https://github.com/certd/certd/commit/31cfb09468bda3272f5f63af65ff3e9272220b39))
 ### Performance Improvements
 * 7001绑定::地址 ([7188997](https://github.com/certd/certd/commit/7188997dd1979f1c10fa29b30221015e0bd5fe9e))
 * 登录失败时清除验证码状态 ([1c15bea](https://github.com/certd/certd/commit/1c15beadc7fe8a7c6ec1903b7e722ca2f52e05b3))
 * 公共cname支持权限校验 ([9cc5f0f](https://github.com/certd/certd/commit/9cc5f0f889d4362ff36e7a1f0e448e02d32ecee7))
 * 优化连接失败的报错提示 ([71d8e7e](https://github.com/certd/certd/commit/71d8e7edd23ad63fdc01a92766b52ede5074fe7c))
 * 增加自签名证书提示 ([877c9c4](https://github.com/certd/certd/commit/877c9c4ff99f81d289f67afd96f440c0796b03ea))
 * add preferred chain for google trust service ([#539](https://github.com/certd/certd/issues/539)) @ZeroClover ([e31d26a](https://github.com/certd/certd/commit/e31d26a8871c6088d9f8c0f580746ff2a810ae0c))
 * dns支持新网域名解析 ([cf3a78e](https://github.com/certd/certd/commit/cf3a78e1145ff0505c87fbc485d9e731b1aa88a8))
 * gcore flush plugin ssl_id改为必填项 ([4b90972](https://github.com/certd/certd/commit/4b909723411c57505aa13b07d8699fb9ac77c937))
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 ### Bug Fixes
@@ -1 +0,0 @@
 2
@@ -1 +0,0 @@
 21:09
@@ -1 +0,0 @@
 5
@@ -3,6 +3,74 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 ### Bug Fixes
 * 修复版本比较bug ([109696e](https://github.com/certd/certd/commit/109696e965d68c50c8627ffd40203edd1d2daea5))
 * 修复某些情况下cname申请证书报错主域名不一致的bug ([2671781](https://github.com/certd/certd/commit/2671781e1bb0838981728d85eacf0e1a25a0fa48))
 ### Performance Improvements
 * cname主域名校验提示优化，显示不一致的两方便于排查问题 ([6ebb365](https://github.com/certd/certd/commit/6ebb3659f42155e4e8da600c493fb5227cd08137))
 * dns解析支持阿里esa ([9291fa6](https://github.com/certd/certd/commit/9291fa68aa7a88a05c2f888bf3048df36a8fbde3))
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 ### Features
 * @certd/ui-server module import报错的问题 ([0c61d4c](https://github.com/certd/certd/commit/0c61d4c9788677c83c567db5381b9e257ec90bba))
 * dist打包前检查 ([8f6e5bd](https://github.com/certd/certd/commit/8f6e5bd24b3b65fbfcba36c08f532a3abad2d606))
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 ### Bug Fixes
 * 固定midwayjs版本，修复ui-server import 错误的bug ([eb4d125](https://github.com/certd/certd/commit/eb4d125eaf4a41e88c752d0c68993829589f8f27))
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 ### Bug Fixes
 * 修复 ui-server 加载失败问题 ([c2ccdbe](https://github.com/certd/certd/commit/c2ccdbec9dd08bca4688eeb2f34d0105eec43ba1))
 * 修复 ui-server 加载失败问题 ([063f5c3](https://github.com/certd/certd/commit/063f5c3b55e47df22543a64f02e039e84f92cd14))
 ### Performance Improvements
 * 重置管理员密码同时会关闭验证码，防止验证码失效之后无法登录 ([03899d4](https://github.com/certd/certd/commit/03899d4d9c76fc2077dacc53ab88e2c9ca41af7c))
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 ### Bug Fixes
 * 授权页面，id列位置不在第一列的bug ([3f1722d](https://github.com/certd/certd/commit/3f1722d54debcb4849dc14521a2da0d9b304b69f))
 ### Performance Improvements
 * 动态加载验证码script ([dcc396a](https://github.com/certd/certd/commit/dcc396afb7a23aeb8af57c01014b09af5f033e61))
 * 开启子域名托管之后cname记录支持重置 ([54c8d62](https://github.com/certd/certd/commit/54c8d622437761d350db0f17e07f7517f1911211))
 * 手动上传证书优化，增加到期前报错提醒 ([3d42bfd](https://github.com/certd/certd/commit/3d42bfd479eaacc4a49c401224815a6e2a0204b0))
 * 验证码支持测试，登录验证码需要测试通过后才能开启 ([83e6476](https://github.com/certd/certd/commit/83e6476408090b741fabb1b542fb458d9a8b4134))
 * 支持腾讯云验证码 ([03f317f](https://github.com/certd/certd/commit/03f317ffdb6595ce70e8a2302b05f390c52110c8))
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 ### Bug Fixes
 * 修复旧版本升级上来报错eab授权的bug ([b76f2e2](https://github.com/certd/certd/commit/b76f2e2008a7fefac4c91179c45c56c7a7a84b71))
 * 选择授权对话框编辑时，名称字段排在最后的bug ([31cfb09](https://github.com/certd/certd/commit/31cfb09468bda3272f5f63af65ff3e9272220b39))
 ### Performance Improvements
 * 7001绑定::地址 ([7188997](https://github.com/certd/certd/commit/7188997dd1979f1c10fa29b30221015e0bd5fe9e))
 * 登录失败时清除验证码状态 ([1c15bea](https://github.com/certd/certd/commit/1c15beadc7fe8a7c6ec1903b7e722ca2f52e05b3))
 * 公共cname支持权限校验 ([9cc5f0f](https://github.com/certd/certd/commit/9cc5f0f889d4362ff36e7a1f0e448e02d32ecee7))
 * 优化连接失败的报错提示 ([71d8e7e](https://github.com/certd/certd/commit/71d8e7edd23ad63fdc01a92766b52ede5074fe7c))
 * 增加自签名证书提示 ([877c9c4](https://github.com/certd/certd/commit/877c9c4ff99f81d289f67afd96f440c0796b03ea))
 * add preferred chain for google trust service ([#539](https://github.com/certd/certd/issues/539)) @ZeroClover ([e31d26a](https://github.com/certd/certd/commit/e31d26a8871c6088d9f8c0f580746ff2a810ae0c))
 * dns支持新网域名解析 ([cf3a78e](https://github.com/certd/certd/commit/cf3a78e1145ff0505c87fbc485d9e731b1aa88a8))
 * gcore flush plugin ssl_id改为必填项 ([4b90972](https://github.com/certd/certd/commit/4b909723411c57505aa13b07d8699fb9ac77c937))
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 ### Bug Fixes
@@ -5,6 +5,9 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具
 ![首页](../images/start/home.png)
 ## 1、关于证书续期
 >* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
 >* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
@@ -15,7 +18,7 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。
 * 全自动申请证书（支持所有注册商注册的域名，支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式）
-* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等70+部署插件）
+* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等100+部署插件）
 * 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
 * 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
 * 私有化部署，数据保存本地，安装升级非常简单快捷
@@ -11,9 +11,12 @@
 git clone https://github.com/certd/certd --depth=1
 # git checkout v1.x.x  # 当v2主干分支代码无法正常启动时，可以尝试此命令，1.x.x换成最新版本号
 cd certd
 # 启动服务
 ./start.sh
 ```
 >如果是windows，请先安装`git for windows` ，然后右键，选择`open git bash here`打开终端，再执行`./start.sh`命令
@@ -7,10 +7,16 @@
 https://certd.handsfree.work/
-> 注意数据将不定期清理，不定期停止定时任务，生产使用请自行部署    
+注册 -> 创建证书流水线 -> 添加部署任务 -> 测试运行
 > 注意demo的数据将不定期清理，生产使用请自行部署    
 > 包含敏感信息，务必自己本地部署进行生产使用
 ![首页](../images/start/home-2.png)
 ## 二、私有化部署
 由于证书、授权信息等属于高度敏感数据，请务必私有化部署，保障数据安全
@@ -1,11 +1,40 @@
 # 宝塔IP白名单与动态IP问题
 调用宝塔接口需要添加IP白名单，但当certd部署在动态IP环境下时，IP白名单就不好添加
-本章节提供一种代理解决方案
+本章节提供两种解决方案：
 1. 小范围网段放开（简单）
 2. nginx代理
 ## 一、放开小范围网段
 家庭网络IP虽然会变动，但是只会在小范围变的。
 你可以分析规律，将变动的部分，设置成网段即可
 > 比如出现过： 100.25.1.5 ， 100.25.1.8
 >
 > 那么你可以配置 100.25.1.1-100.25.1.255
-## nginx代理方案
+> 如果出现过： 100.25.1.5 ， 100.25.4.8
 >
 > 可以尝试配置 100.25.*.5
-通过在宝塔中配置一个nginx反向代理宝塔自己的地址，然后在nginx中配置放开certd需要的接口，缩小影响范围
+## 二、nginx代理方案
 通过在宝塔中配置一个nginx反向代理，代理宝塔自己的地址
 然后在nginx中配置放开certd需要的接口，缩小影响范围
 让nginx来充当防火墙
 架构图如下：
 ```
                    只要将127.0.0.1加入白名单即可
                                ↓
 certd --------> nginx -------> 宝塔
                  ↑
         拦截除更新证书之外的地址
 ```
 ### 1. 添加nginx反向代理
 ![](./images/white-1.png)
@@ -24,13 +24,13 @@ features:
  - title: 全自动申请证书
    details: 支持所有注册商注册的域名
  - title: 全自动部署证书
-    details: 支持部署到主机、阿里云、腾讯云等，目前已支持60+部署插件
+    details: 支持部署到主机、阿里云、腾讯云等，目前已支持100+部署插件
  - title: 多域名、泛域名打到一个证书上
    details: 支持通配符域名/泛域名，支持多个域名打到一个证书上
  - title: 多证书格式支持
    details: 支持pem、pfx、der、jks等多种证书格式，支持Google、Letsencrypt、ZeroSSL证书颁发机构
-  - title: 支持私有化部署
+  - title: 私有化部署，数据安全
-    details: 授权数据加密存储，保障数据安全
+    details: 授权数据加密存储，保障数据安全，支持SQLite、Postgresql、MySQL多种数据库
-  - title: 多数据库支持
+  - title: 无痛升级
-    details: 支持SQLite、Postgresql、MySQL数据库
+    details: 有手就行，向下兼容，无需担心数据作废
 ---
@@ -9,5 +9,5 @@
    }
  },
  "npmClient": "pnpm",
-  "version": "1.36.21"
+  "version": "1.37.1"
 }
@@ -18,7 +18,7 @@
    "devb": "lerna run dev-build",
    "i-all": "lerna link && lerna exec npm install  ",
    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
-    "afterpublishOnly": "npm run copylogs && time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
+    "afterpublishOnly": "npm run copylogs && time /t >trigger/build.trigger && git add ./trigger/build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
    "transform-sql": "cd ./packages/ui/certd-server/db/ && node --experimental-json-modules transform.js",
    "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
    "commitPro": "cd ./packages/pro/ && git add . && git commit -m \"build: publish\" && git push",
@@ -33,11 +33,11 @@
    "docs:dev": "vitepress dev docs",
    "docs:build": "npm run copylogs && vitepress build docs",
    "docs:preview": "vitepress preview docs",
-    "pub": "echo 1"
+    "pub": "echo 1",
    "dev": "pnpm run -r --parallel  compile "
  },
  "license": "AGPL-3.0",
  "dependencies": {
    "@certd/ui-server": "link:packages/ui/certd-server",
    "axios": "^1.7.7",
    "copyfiles": "^2.4.1",
    "lodash-es": "^4.17.21",
@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/publishlab/node-acme-client/compare/v1.37.0...v1.37.1) (2025-09-29)
 **Note:** Version bump only for package @certd/acme-client
 # [1.37.0](https://github.com/publishlab/node-acme-client/compare/v1.36.25...v1.37.0) (2025-09-28)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.36.25](https://github.com/publishlab/node-acme-client/compare/v1.36.24...v1.36.25) (2025-09-27)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.36.24](https://github.com/publishlab/node-acme-client/compare/v1.36.23...v1.36.24) (2025-09-27)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.36.23](https://github.com/publishlab/node-acme-client/compare/v1.36.22...v1.36.23) (2025-09-26)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.36.22](https://github.com/publishlab/node-acme-client/compare/v1.36.21...v1.36.22) (2025-09-23)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.36.21](https://github.com/publishlab/node-acme-client/compare/v1.36.20...v1.36.21) (2025-09-15)
 **Note:** Version bump only for package @certd/acme-client
@@ -3,7 +3,7 @@
    "description": "Simple and unopinionated ACME client",
    "private": false,
    "author": "nmorsman",
-    "version": "1.36.21",
+    "version": "1.37.1",
    "type": "module",
    "module": "scr/index.js",
    "main": "src/index.js",
@@ -18,7 +18,7 @@
        "types"
    ],
    "dependencies": {
-        "@certd/basic": "^1.36.21",
+        "@certd/basic": "^1.37.1",
        "@peculiar/x509": "^1.11.0",
        "asn1js": "^3.0.5",
        "axios": "^1.7.2",
@@ -52,7 +52,8 @@
        "lint-types": "tsd",
        "prepublishOnly": "npm run build-docs",
        "test": "mocha -t 60000 \"test/setup.js\" \"test/**/*.spec.js\"",
-        "pub": "npm publish"
+        "pub": "npm publish",
        "compile": "tsc --skipLibCheck --watch"
    },
    "repository": {
        "type": "git",
@@ -69,5 +70,5 @@
    "bugs": {
        "url": "https://github.com/publishlab/node-acme-client/issues"
    },
-    "gitHead": "3cedef4974708d828fb972acc54af0515e3ec3a0"
+    "gitHead": "c725cee0445dbe1ebd1b6588373bde31697113da"
 }
@@ -3,6 +3,34 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 **Note:** Version bump only for package @certd/basic
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 **Note:** Version bump only for package @certd/basic
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 **Note:** Version bump only for package @certd/basic
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 **Note:** Version bump only for package @certd/basic
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 **Note:** Version bump only for package @certd/basic
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 ### Performance Improvements
 * 优化连接失败的报错提示 ([71d8e7e](https://github.com/certd/certd/commit/71d8e7edd23ad63fdc01a92766b52ede5074fe7c))
 * 增加自签名证书提示 ([877c9c4](https://github.com/certd/certd/commit/877c9c4ff99f81d289f67afd96f440c0796b03ea))
 * dns支持新网域名解析 ([cf3a78e](https://github.com/certd/certd/commit/cf3a78e1145ff0505c87fbc485d9e731b1aa88a8))
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 **Note:** Version bump only for package @certd/basic
@@ -1 +1 @@
-20:59
+20:32
@@ -1,7 +1,7 @@
 {
  "name": "@certd/basic",
  "private": false,
-  "version": "1.36.21",
+  "version": "1.37.1",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -13,7 +13,8 @@
    "dev-build": "npm run build",
    "preview": "vite preview",
    "test": "mocha   --loader=ts-node/esm",
-    "pub": "npm publish"
+    "pub": "npm publish",
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
    "axios": "^1.7.2",
@@ -45,5 +46,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "3cedef4974708d828fb972acc54af0515e3ec3a0"
+  "gitHead": "c725cee0445dbe1ebd1b6588373bde31697113da"
 }
@@ -22,12 +22,14 @@ import { sp } from "./util.sp.js";
 import { hashUtils } from "./util.hash.js";
 import { promises } from "./util.promise.js";
 import { fileUtils } from "./util.file.js";
 import * as _ from "lodash-es";
 import { cache } from "./util.cache.js";
 import dayjs from "dayjs";
 import { domainUtils } from "./util.domain.js";
 export * from "./util.domain.js";
 import { optionsUtils } from "./util.options.js";
 export * from "./util.options.js";
 import { amountUtils } from "./util.amount.js";
 export * from "./util.amount.js";
 import { nanoid } from "nanoid";
 import * as id from "./util.id.js";
 import { locker } from "./util.lock.js";
@@ -43,7 +45,6 @@ export const utils = {
  hash: hashUtils,
  promises,
  file: fileUtils,
  _,
  mergeUtils,
  cache,
  nanoid,
@@ -17,10 +17,26 @@ function base64(data: string) {
 function base64Decode(data: string) {
  return Buffer.from(data, "base64").toString("utf8");
 }
 function toHex(data: number | string) {
  if (typeof data === "number") {
    return data.toString(16);
  }
  return Buffer.from(data).toString("hex");
 }
 function hexToStr(data: string) {
  return Buffer.from(data, "hex").toString("utf8");
 }
 function hexToNumber(data: string) {
  return parseInt(data, 16);
 }
 export const hashUtils = {
  md5,
  sha256,
  base64,
  base64Decode,
  hmacSha256,
  toHex,
  hexToStr,
  hexToNumber,
 };
@@ -207,10 +207,31 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
        case 505:
          error.message = "HTTP版本不受支持";
          break;
        case 302:
          //重定向
          return Promise.resolve(error.response);
        default:
          break;
      }
-      logger.error(`请求出错：status:${error.response?.status},statusText:${error.response?.statusText},url:${error.config?.url},method:${error.config?.method}。`);
+
      const errorCode = error.code;
      let errorMessage = null;
      if (errorCode === "ECONNABORTED") {
        errorMessage = "请求连接终止";
      } else if (errorCode === "ETIMEDOUT") {
        errorMessage = "请求连接超时";
      } else if (errorCode === "ECONNRESET") {
        errorMessage = "请求连接被重置";
      } else if (errorCode === "ECONNREFUSED") {
        errorMessage = "请求连接被服务端拒绝";
      } else if (errorCode === "ENOTFOUND") {
        errorMessage = "请求地址不存在";
      }
      if (errorMessage) {
        error.message = errorMessage + "," + error.message;
      }
      logger.error(`请求出错：status:${error.response?.status || error.code},statusText:${error.response?.statusText || error.code},url:${error.config?.url},method:${error.config?.method}。`);
      logger.error("返回数据:", JSON.stringify(error.response?.data));
      if (error.response?.data) {
        const message = error.response.data.message || error.response.data.msg || error.response.data.error;
@@ -1,8 +1,10 @@
 //转换为import
-import childProcess from 'child_process';
+//@ts-ignore
-import { safePromise } from './util.promise.js';
+import childProcess from "child_process";
-import { ILogger, logger } from './util.log.js';
+import { safePromise } from "./util.promise.js";
-import iconv from 'iconv-lite';
+import { ILogger, logger } from "./util.log.js";
 //@ts-ignore
 import iconv from "iconv-lite";
 export type ExecOption = {
  cmd: string | string[];
  env: any;
@@ -11,12 +13,12 @@ export type ExecOption = {
 };
 async function exec(opts: ExecOption): Promise<string> {
-  let cmd = '';
+  let cmd = "";
  const log = opts.logger || logger;
  if (opts.cmd instanceof Array) {
    for (const item of opts.cmd) {
      if (cmd) {
-        cmd += ' && ' + item;
+        cmd += " && " + item;
      } else {
        cmd = item;
      }
@@ -28,17 +30,18 @@ async function exec(opts: ExecOption): Promise<string> {
      cmd,
      {
        env: {
          //@ts-ignore
          ...process.env,
          ...opts.env,
        },
        ...opts.options,
      },
-      (error, stdout, stderr) => {
+      (error: any, stdout: { toString: (arg0: string) => any }, stderr: any) => {
        if (error) {
          log.error(`exec error: ${error}`);
          reject(error);
        } else {
-          const res = stdout.toString('utf-8');
+          const res = stdout.toString("utf-8");
          log.info(`stdout: ${res}`);
          resolve(res);
        }
@@ -57,11 +60,12 @@ export type SpawnOption = {
 };
 function isWindows() {
-  return process.platform === 'win32';
+  // @ts-ignore
  return process.platform === "win32";
 }
 function convert(buffer: any) {
  if (isWindows()) {
-    const decoded = iconv.decode(buffer, 'GBK');
+    const decoded = iconv.decode(buffer, "GBK");
    // 检查是否有有效字符
    return decoded && decoded.trim().length > 0 ? decoded : buffer.toString();
  } else {
@@ -74,12 +78,12 @@ function convert(buffer: any) {
 // }
 async function spawn(opts: SpawnOption): Promise<string> {
-  let cmd = '';
+  let cmd = "";
  const log = opts.logger || logger;
  if (opts.cmd instanceof Array) {
    for (const item of opts.cmd) {
      if (cmd) {
-        cmd += ' && ' + item;
+        cmd += " && " + item;
      } else {
        cmd = item;
      }
@@ -88,37 +92,47 @@ async function spawn(opts: SpawnOption): Promise<string> {
    cmd = opts.cmd;
  }
  log.info(`执行命令: ${cmd}`);
-  let stdout = '';
+  let stdout = "";
-  let stderr = '';
+  let stderr = "";
  return safePromise((resolve, reject) => {
    const ls = childProcess.spawn(cmd, {
      shell: true,
      env: {
        //@ts-ignore
        ...process.env,
        ...opts.env,
      },
      ...opts.options,
    });
-    ls.stdout.on('data', data => {
+    ls.stdout.on("data", (data: string) => {
      data = convert(data);
      log.info(`stdout: ${data}`);
      stdout += data;
    });
-    ls.stderr.on('data', data => {
+    ls.stderr.on("data", (data: string) => {
      data = convert(data);
      log.warn(`stderr: ${data}`);
      stderr += data;
    });
-    ls.on('error', error => {
+    ls.on("error", (error: any) => {
      log.error(`child process error: ${error}`);
      //@ts-ignore
      error.stderr = stderr;
      //@ts-ignore
      error.stdout = stdout;
      reject(error);
    });
-    ls.on('close', (code: number) => {
+    ls.on("close", (code: number) => {
      if (code !== 0) {
        log.error(`child process exited with code ${code}`);
-        reject(new Error(stderr));
+        const e = new Error(stderr || "return " + code);
        //@ts-ignore
        e.stderr = stderr;
        //@ts-ignore
        e.stdout = stdout;
        reject(e);
      } else {
        resolve(stdout);
      }
@@ -3,6 +3,32 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 **Note:** Version bump only for package @certd/pipeline
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 ### Performance Improvements
 * 手动上传证书优化，增加到期前报错提醒 ([3d42bfd](https://github.com/certd/certd/commit/3d42bfd479eaacc4a49c401224815a6e2a0204b0))
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 **Note:** Version bump only for package @certd/pipeline
@@ -1,7 +1,7 @@
 {
  "name": "@certd/pipeline",
  "private": false,
-  "version": "1.36.21",
+  "version": "1.37.1",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -14,11 +14,12 @@
    "build3": "rollup -c",
    "preview": "vite preview",
    "test": "mocha   --loader=ts-node/esm",
-    "pub": "npm publish"
+    "pub": "npm publish",
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/basic": "^1.36.21",
+    "@certd/basic": "^1.37.1",
-    "@certd/plus-core": "^1.36.21",
+    "@certd/plus-core": "^1.37.1",
    "dayjs": "^1.11.7",
    "lodash-es": "^4.17.21",
    "reflect-metadata": "^0.1.13"
@@ -44,5 +45,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "3cedef4974708d828fb972acc54af0515e3ec3a0"
+  "gitHead": "c725cee0445dbe1ebd1b6588373bde31697113da"
 }
@@ -120,10 +120,9 @@ export class RunHistory {
    delete e.stack;
    delete e.cause;
    if (runnable.runnableType === "step") {
-      this._loggers[runnable.id].error(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> ：`, e, stack, cause);
+      this._loggers[runnable.id].error(stack, cause);
    } else {
      this._loggers[runnable.id].error(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> ：`, e.message);
    }
    this._loggers[runnable.id].error(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> ：`, e.message);
  }
  finally(runnable: Runnable) {
@@ -17,6 +17,7 @@ export type CnameRecord = {
  cnameProvider: CnameProvider;
  status: string;
  commonDnsProvider?: any;
  mainDomain?: string;
 };
 export type ICnameProxyService = {
@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 **Note:** Version bump only for package @certd/lib-huawei
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 **Note:** Version bump only for package @certd/lib-huawei
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-huawei",
  "private": false,
-  "version": "1.36.21",
+  "version": "1.37.1",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
  "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
    "prettier": "^2.8.8",
    "tslib": "^2.8.1"
  },
-  "gitHead": "3cedef4974708d828fb972acc54af0515e3ec3a0"
+  "gitHead": "c725cee0445dbe1ebd1b6588373bde31697113da"
 }
@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 **Note:** Version bump only for package @certd/lib-iframe
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 **Note:** Version bump only for package @certd/lib-iframe
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-iframe",
  "private": false,
-  "version": "1.36.21",
+  "version": "1.37.1",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -31,5 +31,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "3cedef4974708d828fb972acc54af0515e3ec3a0"
+  "gitHead": "c725cee0445dbe1ebd1b6588373bde31697113da"
 }
@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 **Note:** Version bump only for package @certd/jdcloud
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 **Note:** Version bump only for package @certd/jdcloud
@@ -1,6 +1,6 @@
 {
  "name": "@certd/jdcloud",
-  "version": "1.36.21",
+  "version": "1.37.1",
  "description": "jdcloud openApi sdk",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
@@ -61,5 +61,5 @@
      "fetch"
    ]
  },
-  "gitHead": "3cedef4974708d828fb972acc54af0515e3ec3a0"
+  "gitHead": "c725cee0445dbe1ebd1b6588373bde31697113da"
 }
@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 **Note:** Version bump only for package @certd/lib-k8s
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 **Note:** Version bump only for package @certd/lib-k8s
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-k8s",
  "private": false,
-  "version": "1.36.21",
+  "version": "1.37.1",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -17,7 +17,7 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/basic": "^1.36.21",
+    "@certd/basic": "^1.37.1",
    "@kubernetes/client-node": "0.21.0"
  },
  "devDependencies": {
@@ -32,5 +32,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "3cedef4974708d828fb972acc54af0515e3ec3a0"
+  "gitHead": "c725cee0445dbe1ebd1b6588373bde31697113da"
 }
@@ -3,6 +3,38 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 **Note:** Version bump only for package @certd/lib-server
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 ### Features
 * dist打包前检查 ([8f6e5bd](https://github.com/certd/certd/commit/8f6e5bd24b3b65fbfcba36c08f532a3abad2d606))
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 ### Bug Fixes
 * 固定midwayjs版本，修复ui-server import 错误的bug ([eb4d125](https://github.com/certd/certd/commit/eb4d125eaf4a41e88c752d0c68993829589f8f27))
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 ### Bug Fixes
 * 修复 ui-server 加载失败问题 ([c2ccdbe](https://github.com/certd/certd/commit/c2ccdbec9dd08bca4688eeb2f34d0105eec43ba1))
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 ### Performance Improvements
 * 支持腾讯云验证码 ([03f317f](https://github.com/certd/certd/commit/03f317ffdb6595ce70e8a2302b05f390c52110c8))
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 **Note:** Version bump only for package @certd/lib-server
@@ -1,6 +1,6 @@
 {
  "name": "@certd/lib-server",
-  "version": "1.36.21",
+  "version": "1.37.1",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -17,7 +17,8 @@
    "lint": "mwts check",
    "lint:fix": "mwts fix",
    "prepublish": "npm run build",
-    "pub": "npm publish"
+    "pub": "npm publish",
    "compile": "tsc --skipLibCheck --watch"
  },
  "keywords": [],
  "author": "greper",
@@ -27,18 +28,20 @@
  ],
  "license": "AGPL",
  "dependencies": {
-    "@certd/acme-client": "^1.36.21",
+    "@certd/acme-client": "^1.37.1",
-    "@certd/basic": "^1.36.21",
+    "@certd/basic": "^1.37.1",
-    "@certd/pipeline": "^1.36.21",
+    "@certd/pipeline": "^1.37.1",
-    "@certd/plus-core": "^1.36.21",
+    "@certd/plugin-lib": "^1.37.1",
-    "@midwayjs/cache": "~3.14.0",
+    "@certd/plus-core": "^1.37.1",
-    "@midwayjs/core": "~3.20.3",
+    "@midwayjs/cache": "3.14.0",
-    "@midwayjs/i18n": "~3.20.3",
+    "@midwayjs/core": "3.20.11",
-    "@midwayjs/info": "~3.20.3",
+    "@midwayjs/i18n": "3.20.13",
-    "@midwayjs/koa": "~3.20.3",
+    "@midwayjs/info": "3.20.13",
-    "@midwayjs/logger": "~3.4.2",
+    "@midwayjs/koa": "3.20.13",
-    "@midwayjs/typeorm": "~3.20.3",
+    "@midwayjs/logger": "3.4.2",
-    "@midwayjs/upload": "^3.20.3",
+    "@midwayjs/typeorm": "3.20.11",
    "@midwayjs/upload": "3.20.13",
    "@midwayjs/validate": "3.20.13",
    "better-sqlite3": "^11.1.2",
    "cross-env": "^7.0.3",
    "dayjs": "^1.11.7",
@@ -61,5 +64,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "3cedef4974708d828fb972acc54af0515e3ec3a0"
+  "gitHead": "c725cee0445dbe1ebd1b6588373bde31697113da"
 }
@@ -8,3 +8,5 @@ export * from './common-exception.js';
 export * from './not-found-exception.js';
 export * from './param-exception.js';
 export * from './site-off-exception.js';
 export * from './login-error-exception.js'
 export * from './code-error-exception.js'
@@ -1,3 +1,4 @@
 export * from './service/plus-service.js';
 export * from './service/file-service.js';
 export * from './service/encryptor.js';
 export * from './service/ocr-service.js';
@@ -0,0 +1,24 @@
 import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
 import { PlusService } from "./plus-service.js";
 import { IOcrService } from "@certd/plugin-lib";
 /**
 */
@Provide("ocrService")
@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class OcrService implements IOcrService {
  @Inject()
  plusService: PlusService;
  async doOcrFromImage(opts: { image: string }): Promise<{ texts: string[] }> {
    const res = await this.plusService.requestWithToken({
      url: "/activation/certd/ocr",
      method: "post",
      data: {
        image: opts.image
      }
    });
    return res;
  }
 }
@@ -3,8 +3,8 @@ import { AppKey, PlusRequestService } from '@certd/plus-core';
 import { cache, http, HttpRequestConfig, logger } from '@certd/basic';
 import { SysInstallInfo, SysLicenseInfo, SysSettingsService } from '../../settings/index.js';
 import { merge } from 'lodash-es';
-
+import fs from 'fs';
-@Provide()
+@Provide("plusService")
@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class PlusService {
  @Inject()
@@ -85,12 +85,31 @@ export class PlusService {
  async sendEmail(email: any) {
    const plusRequestService = await this.getPlusRequestService();
    let attachments = email.attachments || [];
    if (attachments.length > 0) {
      const newAttachments: any[] = [];
      attachments.forEach((item: any) => {
        const name = item.filename || item.path.split('/').pop();
        const body = item.content || fs.readFileSync(item.path);
        const bodyBase64 = Buffer.from(body).toString('base64');
        item = {
          name,
          body: bodyBase64,
        };
        newAttachments.push(item);
      });
      attachments = newAttachments;
    }
    await plusRequestService.request({
      url: '/activation/emailSend',
      data: {
        subject: email.subject,
        text: email.content,
        to: email.receivers,
        text: email.content,
        html: email.html,
        attachments,
      },
    });
  }
@@ -1,6 +1,13 @@
 import { HttpClient, ILogger, utils } from "@certd/basic";
 import {upperFirst} from "lodash-es";
-import { FormItemProps, PluginRequestHandleReq, Registrable } from "@certd/pipeline";
+import {
  accessRegistry,
  FormItemProps,
  IAccessService,
  IServiceGetter,
  PluginRequestHandleReq,
  Registrable
 } from "@certd/pipeline";
 export type AddonRequestHandleReqInput<T = any> = {
@@ -48,6 +55,7 @@ export type AddonContext = {
  http: HttpClient;
  logger: ILogger;
  utils: typeof utils;
  serviceGetter: IServiceGetter;
 };
 export abstract class BaseAddon implements IAddon {
@@ -58,8 +66,45 @@ export abstract class BaseAddon implements IAddon {
  // eslint-disable-next-line @typescript-eslint/no-empty-function
  async onInstance() {}
  async getAccess<T = any>(accessId: string | number, isCommon = false) {
    if (accessId == null) {
      throw new Error("您还没有配置授权");
    }
    const accessService = await this.ctx.serviceGetter.get<IAccessService>("accessService")
    let res: any = null;
    if (isCommon) {
      res = await accessService.getCommonById(accessId);
    } else {
      res = await accessService.getById(accessId);
    }
    if (res == null) {
      throw new Error("授权不存在，可能已被删除，请前往任务配置里面重新选择授权");
    }
    // @ts-ignore
    if (this.logger?.addSecret) {
      // 隐藏加密信息，不在日志中输出
      const type = res._type;
      const plugin = accessRegistry.get(type);
      const define = plugin.define;
      // @ts-ignore
      const input = define.input;
      for (const key in input) {
        if (input[key].encrypt && res[key] != null) {
          // @ts-ignore
          this.logger.addSecret(res[key]);
        }
      }
    }
    return res as T;
  }
  setCtx(ctx: AddonContext) {
    this.ctx = ctx;
    this.http = ctx.http;
@@ -1,5 +1,3 @@
 export * from './api/index.js'
 export * from './entity/addon.js'
 export * from './service/addon-service.js'
 export * from './service/addon-getter.js'
 export * from './service/addon-sys-getter.js'
@@ -1,18 +0,0 @@
 import { IAddonGetter } from "../api/index.js";
 export class AddonGetter implements IAddonGetter {
  userId: number;
  getter: <T>(id: any, userId?: number) => Promise<T>;
  constructor(userId: number, getter: (id: any, userId: number) => Promise<any>) {
    this.userId = userId;
    this.getter = getter;
  }
  async getById<T = any>(id: any) {
    return await this.getter<T>(id, this.userId);
  }
  async getCommonById<T = any>(id: any) {
    return await this.getter<T>(id, 0);
  }
 }
@@ -1,16 +1,15 @@
 import { Provide, Scope, ScopeEnum } from "@midwayjs/core";
 import { InjectEntityModel } from "@midwayjs/typeorm";
 import { In, Repository } from "typeorm";
-import { AddonDefine, BaseService, PageReq, PermissionException, ValidateException } from "../../../index.js";
+import { AddonDefine, BaseService, PageReq, ValidateException } from "../../../index.js";
-import { addonRegistry, newAddon } from "../api/index.js";
+import { addonRegistry } from "../api/index.js";
 import { AddonEntity } from "../entity/addon.js";
 import { http, logger, utils } from "@certd/basic";
 /**
 * Addon
 */
@Provide()
-@Scope(ScopeEnum.Request, {allowDowngrade: true})
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class AddonService extends BaseService<AddonEntity> {
  @InjectEntityModel(AddonEntity)
  repository: Repository<AddonEntity>;
@@ -30,21 +29,21 @@ export class AddonService extends BaseService<AddonEntity> {
  async add(param) {
    let oldEntity = null;
-    if (param._copyFrom){
+    if (param._copyFrom) {
      oldEntity = await this.info(param._copyFrom);
      if (oldEntity == null) {
-        throw new ValidateException('该Addon配置不存在,请确认是否已被删除');
+        throw new ValidateException("该Addon配置不存在,请确认是否已被删除");
      }
-      if (oldEntity.userId  !== param.userId) {
+      if (oldEntity.userId !== param.userId) {
-        throw new ValidateException('您无权查看该Addon配置');
+        throw new ValidateException("您无权查看该Addon配置");
      }
    }
-    if (!param.userId){
+    if (!param.userId) {
-      param.isSystem = true
+      param.isSystem = true;
-    }else{
+    } else {
-      param.isSystem = false
+      param.isSystem = false;
    }
-    delete param._copyFrom
+    delete param._copyFrom;
    return await super.add(param);
  }
@@ -56,7 +55,7 @@ export class AddonService extends BaseService<AddonEntity> {
  async update(param) {
    const oldEntity = await this.info(param.id);
    if (oldEntity == null) {
-      throw new ValidateException('该Addon配置不存在,请确认是否已被删除');
+      throw new ValidateException("该Addon配置不存在,请确认是否已被删除");
    }
    return await super.update(param);
  }
@@ -64,63 +63,24 @@ export class AddonService extends BaseService<AddonEntity> {
  async getSimpleInfo(id: number) {
    const entity = await this.info(id);
    if (entity == null) {
-      throw new ValidateException('该Addon配置不存在,请确认是否已被删除');
+      throw new ValidateException("该Addon配置不存在,请确认是否已被删除");
    }
    return {
      id: entity.id,
      name: entity.name,
      userId: entity.userId,
      addonType: entity.addonType,
-      type: entity.type,
+      type: entity.type
    };
  }
  async getAddonById(id: any, checkUserId: boolean, userId?: number): Promise<any> {
    const ctx = {
      http: http,
      logger: logger,
      utils: utils,
    };
    if (!id){
      //使用图片验证码
      return await newAddon("captcha", "image", {},ctx);
    }
    const entity = await this.info(id);
    if (entity == null) {
      //使用图片验证码
      return await newAddon("captcha", "image", {},ctx);
    }
    if (checkUserId) {
      if (userId == null) {
        throw new ValidateException('userId不能为空');
      }
      if (userId !== entity.userId) {
        throw new PermissionException('您对该Addon无访问权限');
      }
    }
    const setting =  JSON.parse(entity.setting ??"{}")
    const input = {
      id: entity.id,
      ...setting,
    };
    return await newAddon(entity.addonType, entity.type, input,ctx);
  }
  async getById(id: any, userId: number): Promise<any> {
    return await this.getAddonById(id, true, userId);
  }
  getDefineList(addonType: string) {
    return addonRegistry.getDefineList();
  }
-  getDefineByType(type: string,prefix?: string)  {
+  getDefineByType(type: string, prefix?: string) {
-    return addonRegistry.getDefine(type,prefix) as AddonDefine;
+    return addonRegistry.getDefine(type, prefix) as AddonDefine;
  }
@@ -134,31 +94,30 @@ export class AddonService extends BaseService<AddonEntity> {
    return await this.repository.find({
      where: {
        id: In(ids),
-        userId,
+        userId
      },
      select: {
        id: true,
        name: true,
        addonType: true,
        type: true,
-        userId:true,
+        userId: true,
-        isSystem: true,
+        isSystem: true
-      },
+      }
    });
  }
-
+  async getDefault(userId: number, addonType: string): Promise<any> {
  async getDefault(userId: number,addonType: string): Promise<any> {
    const res = await this.repository.findOne({
      where: {
        userId,
        addonType
      },
      order: {
-        isDefault: 'DESC',
+        isDefault: "DESC"
-      },
+      }
    });
    if (!res) {
      return null;
@@ -174,16 +133,16 @@ export class AddonService extends BaseService<AddonEntity> {
      type: res.type,
      name: res.name,
      userId: res.userId,
-      setting,
+      setting
    };
  }
-  async setDefault(id: number, userId: number,addonType:string) {
+  async setDefault(id: number, userId: number, addonType: string) {
    if (!id) {
-      throw new ValidateException('id不能为空');
+      throw new ValidateException("id不能为空");
    }
    if (!userId) {
-      throw new ValidateException('userId不能为空');
+      throw new ValidateException("userId不能为空");
    }
    await this.repository.update(
      {
@@ -191,7 +150,7 @@ export class AddonService extends BaseService<AddonEntity> {
        addonType
      },
      {
-        isDefault: false,
+        isDefault: false
      }
    );
    await this.repository.update(
@@ -201,22 +160,22 @@ export class AddonService extends BaseService<AddonEntity> {
        addonType
      },
      {
-        isDefault: true,
+        isDefault: true
      }
    );
  }
-  async getOrCreateDefault(opts:{addonType:string,type:string, inputs: any, userId: any}) {
+  async getOrCreateDefault(opts: { addonType: string, type: string, inputs: any, userId: any }) {
-    const {addonType,type,inputs,userId} = opts;
+    const { addonType, type, inputs, userId } = opts;
-   const addonDefine =  this.getDefineByType( type,addonType)
+    const addonDefine = this.getDefineByType(type, addonType);
-    const defaultConfig = await this.getDefault(userId,addonType);
+    const defaultConfig = await this.getDefault(userId, addonType);
    if (defaultConfig) {
      return defaultConfig;
    }
    const setting = {
-      ...inputs,
+      ...inputs
    };
    const res = await this.repository.save({
      userId,
@@ -224,7 +183,7 @@ export class AddonService extends BaseService<AddonEntity> {
      type: type,
      name: addonDefine.title,
      setting: JSON.stringify(setting),
-      isDefault: true,
+      isDefault: true
    });
    return this.buildAddonInstanceConfig(res);
  }
@@ -1,17 +0,0 @@
 import { IAccessService } from '@certd/pipeline';
 import { AddonService } from './addon-service.js';
 export class AddonSysGetter implements IAccessService {
  addonService: AddonService;
  constructor(addonService: AddonService) {
    this.addonService = addonService;
  }
  async getById<T = any>(id: any) {
    return await this.addonService.getById(id, 0);
  }
  async getCommonById<T = any>(id: any) {
    return await this.addonService.getById(id, 0);
  }
 }
@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 **Note:** Version bump only for package @certd/midway-flyway-js
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 **Note:** Version bump only for package @certd/midway-flyway-js
@@ -1,6 +1,6 @@
 {
  "name": "@certd/midway-flyway-js",
-  "version": "1.36.21",
+  "version": "1.37.1",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -25,9 +25,9 @@
  ],
  "license": "MIT",
  "dependencies": {
-    "@midwayjs/core": "~3.20.3",
+    "@midwayjs/core": "3.20.11",
-    "@midwayjs/logger": "~3.4.2",
+    "@midwayjs/logger": "3.4.2",
-    "@midwayjs/typeorm": "~3.20.3",
+    "@midwayjs/typeorm": "3.20.11",
    "better-sqlite3": "^11.1.2"
  },
  "devDependencies": {
@@ -46,5 +46,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "3cedef4974708d828fb972acc54af0515e3ec3a0"
+  "gitHead": "c725cee0445dbe1ebd1b6588373bde31697113da"
 }
@@ -3,6 +3,41 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 ### Performance Improvements
 * cname主域名校验提示优化，显示不一致的两方便于排查问题 ([6ebb365](https://github.com/certd/certd/commit/6ebb3659f42155e4e8da600c493fb5227cd08137))
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 ### Performance Improvements
 * 手动上传证书优化，增加到期前报错提醒 ([3d42bfd](https://github.com/certd/certd/commit/3d42bfd479eaacc4a49c401224815a6e2a0204b0))
 * 支持腾讯云验证码 ([03f317f](https://github.com/certd/certd/commit/03f317ffdb6595ce70e8a2302b05f390c52110c8))
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 ### Bug Fixes
 * 修复旧版本升级上来报错eab授权的bug ([b76f2e2](https://github.com/certd/certd/commit/b76f2e2008a7fefac4c91179c45c56c7a7a84b71))
 ### Performance Improvements
 * add preferred chain for google trust service ([#539](https://github.com/certd/certd/issues/539)) @ZeroClover ([e31d26a](https://github.com/certd/certd/commit/e31d26a8871c6088d9f8c0f580746ff2a810ae0c))
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 ### Bug Fixes
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-cert",
  "private": false,
-  "version": "1.36.21",
+  "version": "1.37.1",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -13,13 +13,14 @@
    "build3": "rollup -c",
    "build2": "vue-tsc --noEmit && vite build",
    "preview": "vite preview",
-    "pub": "npm publish"
+    "pub": "npm publish",
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/acme-client": "^1.36.21",
+    "@certd/acme-client": "^1.37.1",
-    "@certd/basic": "^1.36.21",
+    "@certd/basic": "^1.37.1",
-    "@certd/pipeline": "^1.36.21",
+    "@certd/pipeline": "^1.37.1",
-    "@certd/plugin-lib": "^1.36.21",
+    "@certd/plugin-lib": "^1.37.1",
    "@google-cloud/publicca": "^1.3.0",
    "dayjs": "^1.11.7",
    "jszip": "^3.10.1",
@@ -31,7 +32,6 @@
  "devDependencies": {
    "@types/chai": "^4.3.3",
    "@types/mocha": "^10.0.0",
    "@types/psl": "^1.1.3",
    "@typescript-eslint/eslint-plugin": "^8.26.1",
    "@typescript-eslint/parser": "^8.26.1",
    "chai": "^4.3.6",
@@ -43,5 +43,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "3cedef4974708d828fb972acc54af0515e3ec3a0"
+  "gitHead": "c725cee0445dbe1ebd1b6588373bde31697113da"
 }
@@ -1,5 +1,5 @@
 import { HttpClient, ILogger, utils } from "@certd/basic";
-import { IAccess, Registrable } from "@certd/pipeline";
+import { IAccess, IServiceGetter, Registrable } from "@certd/pipeline";
 export type DnsProviderDefine = Registrable & {
  accessType: string;
@@ -25,6 +25,7 @@ export type DnsProviderContext = {
  http: HttpClient;
  utils: typeof utils;
  domainParser: IDomainParser;
  serviceGetter: IServiceGetter;
 };
 export interface IDnsProvider<T = any> {
@@ -2,3 +2,4 @@ export * from "./api.js";
 export * from "./registry.js";
 export * from "./decorator.js";
 export * from "./base.js";
 export * from "./domain-parser.js";
@@ -6,6 +6,7 @@ import dayjs from "dayjs";
 export { CertReader };
 export type { CertInfo };
@IsTaskPlugin({
  name: "CertApplyUpload",
  icon: "ph:certificate",
@@ -62,6 +63,19 @@ export type { CertInfo };
  },
 })
 export class CertApplyUploadPlugin extends CertApplyBaseConvertPlugin {
  @TaskInput({
    title: "过期前提醒",
    value: 10,
    component: {
      name: "a-input-number",
      vModel: "value",
    },
    required: true,
    order: 100,
    helper: "到期前多少天提醒",
  })
  renewDays!: number;
  @TaskInput({
    title: "手动上传证书",
    component: {
@@ -97,6 +111,7 @@ export class CertApplyUploadPlugin extends CertApplyBaseConvertPlugin {
    this.userContext = this.ctx.userContext;
    this.lastStatus = this.ctx.lastStatus as Step;
  }
  async onInit(): Promise<void> {}
  async getCertFromStore() {
@@ -107,48 +122,54 @@ export class CertApplyUploadPlugin extends CertApplyBaseConvertPlugin {
    } catch (e) {
      this.logger.warn("读取cert失败：", e);
    }
    if (certReader == null) {
      certReader = new CertReader(this.uploadCert);
    }
    if (!certReader.expires || certReader.expires < new Date().getTime()) {
      throw new Error("证书已过期，停止部署，请重新上传证书");
    }
    return certReader;
  }
-  async execute(): Promise<string | void> {
+  private checkExpires(certReader: CertReader) {
-    let certReader = await this.getCertFromStore();
+    const renewDays = (this.renewDays ?? 10) * 24 * 60 * 60 * 1000;
-    const crtMd5 = this.ctx.utils.hash.md5(certReader.cert.crt);
+    if (certReader.expires) {
-
+      if (certReader.expires < new Date().getTime()) {
-    const leftDays = dayjs(certReader.expires).diff(dayjs(), "day");
+        throw new Error("证书已过期，停止部署，请尽快上传新证书");
-    this.logger.info(`证书过期时间${dayjs(certReader.expires).format("YYYY-MM-DD HH:mm:ss")},剩余${leftDays}天`);
+      }
-
+      if (certReader.expires < new Date().getTime() + renewDays) {
-    if (!this.ctx.inputChanged) {
+        throw new Error("证书即将已过期，停止部署，请尽快上传新证书");
-      this.logger.info("输入参数无变化");
+      }
-      const lastCrtMd5 = this.lastStatus?.status?.output?.certMd5;
+    }
-      this.logger.info("证书MD5", crtMd5);
+  }
-      this.logger.info("上次证书MD5", lastCrtMd5);
+
-      if (lastCrtMd5 === crtMd5) {
+  async execute(): Promise<string | void> {
-        this.logger.info("证书无变化，跳过");
+    const oldCertReader = await this.getCertFromStore();
-        //输出证书MD5
+    if (oldCertReader) {
-        this.certMd5 = crtMd5;
+      const leftDays = dayjs(oldCertReader.expires).diff(dayjs(), "day");
-        await this.output(certReader, false);
+      this.logger.info(`证书过期时间${dayjs(oldCertReader.expires).format("YYYY-MM-DD HH:mm:ss")},剩余${leftDays}天`);
-        return "skip";
+      this.checkExpires(oldCertReader);
      if (!this.ctx.inputChanged) {
        this.logger.info("输入参数无变化");
        const lastCrtMd5 = this.lastStatus?.status?.output?.certMd5;
        const newCrtMd5 = this.ctx.utils.hash.md5(this.uploadCert.crt);
        this.logger.info("证书MD5", newCrtMd5);
        this.logger.info("上次证书MD5", lastCrtMd5);
        if (lastCrtMd5 === newCrtMd5) {
          this.logger.info("证书无变化，跳过");
          //输出证书MD5
          this.certMd5 = newCrtMd5;
          await this.output(oldCertReader, false);
          return "skip";
        }
        this.logger.info("证书有变化，重新部署");
      } else {
        this.logger.info("输入参数有变化，重新部署");
      }
      this.logger.info("证书有变化，重新部署");
    } else {
      this.logger.info("输入参数有变化，重新部署");
    }
-    certReader = new CertReader(this.uploadCert);
+    const newCertReader = new CertReader(this.uploadCert);
    this.clearLastStatus();
    //输出证书MD5
-    this.certMd5 = this.ctx.utils.hash.md5(certReader.cert.crt);
+    this.certMd5 = this.ctx.utils.hash.md5(newCertReader.cert.crt);
-    const newLeftDays = dayjs(certReader.expires).diff(dayjs(), "day");
+    const newLeftDays = dayjs(newCertReader.expires).diff(dayjs(), "day");
-    this.logger.info(`新证书过期时间${dayjs(certReader.expires).format("YYYY-MM-DD HH:mm:ss")},剩余${newLeftDays}天`);
+    this.logger.info(`新证书过期时间${dayjs(newCertReader.expires).format("YYYY-MM-DD HH:mm:ss")},剩余${newLeftDays}天`);
-
+    this.checkExpires(newCertReader);
-    await this.output(certReader, true);
+    await this.output(newCertReader, true);
    //必须output之后执行
    await this.emitCertApplySuccess();
@@ -524,6 +524,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
      http: this.ctx.http,
      utils,
      domainParser,
      serviceGetter: this.ctx.serviceGetter,
    };
    return await createDnsProvider({
      dnsProviderType,
@@ -540,7 +541,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
      const mainDomain = await domainParser.parse(domain);
      const planSetting: DomainVerifyPlanInput = verifyPlanSetting[mainDomain];
      if (planSetting == null) {
-        throw new Error(`没有找到域名（${domain}）的校验计划`);
+        throw new Error(`没有找到域名（${domain}）的校验计划（如果您在流水线创建之后设置了子域名托管，需要重新编辑证书申请任务和重新校验cname记录的校验状态）`);
      }
      if (planSetting.type === "dns") {
        plan[domain] = await this.createDnsDomainVerifyPlan(planSetting, domain, mainDomain);
@@ -629,10 +630,20 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
    if (cnameRecord == null) {
      throw new Error(`请先配置${domain}的CNAME记录，并通过校验`);
    }
    if (cnameRecord.status !== "valid") {
      throw new Error(`CNAME记录${domain}的校验状态为${cnameRecord.status}，请等待校验通过`);
    }
    // 主域名异常
    if (cnameRecord.mainDomain && mainDomain && cnameRecord.mainDomain !== mainDomain) {
      throw new Error(`CNAME记录${domain}的域名与配置的主域名不一致（${cnameRecord.mainDomain}≠${mainDomain}），请确认是否在流水线创建之后修改了子域名托管，您需要重新校验CNAME记录的校验状态`);
    }
    let dnsProvider = cnameRecord.commonDnsProvider;
    if (cnameRecord.cnameProvider.id > 0) {
      dnsProvider = await this.createDnsProvider(cnameRecord.cnameProvider.dnsProviderType, cnameRecord.cnameProvider.access);
    }
    return {
      type: "cname",
      domain,
@@ -3,6 +3,32 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 ### Performance Improvements
 * dns解析支持阿里esa ([9291fa6](https://github.com/certd/certd/commit/9291fa68aa7a88a05c2f888bf3048df36a8fbde3))
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 **Note:** Version bump only for package @certd/plugin-lib
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-lib",
  "private": false,
-  "version": "1.36.21",
+  "version": "1.37.1",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -13,7 +13,8 @@
    "build3": "rollup -c",
    "build2": "vue-tsc --noEmit && vite build",
    "preview": "vite preview",
-    "pub": "npm publish"
+    "pub": "npm publish",
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
    "@alicloud/openapi-client": "^0.4.14",
@@ -21,8 +22,8 @@
    "@alicloud/pop-core": "^1.7.10",
    "@alicloud/tea-util": "^1.4.10",
    "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.36.21",
+    "@certd/basic": "^1.37.1",
-    "@certd/pipeline": "^1.36.21",
+    "@certd/pipeline": "^1.37.1",
    "@kubernetes/client-node": "0.21.0",
    "ali-oss": "^6.22.0",
    "basic-ftp": "^5.0.5",
@@ -41,7 +42,6 @@
  "devDependencies": {
    "@types/chai": "^4.3.3",
    "@types/mocha": "^10.0.0",
    "@types/psl": "^1.1.3",
    "@typescript-eslint/eslint-plugin": "^8.26.1",
    "@typescript-eslint/parser": "^8.26.1",
    "chai": "^4.3.6",
@@ -53,5 +53,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "3cedef4974708d828fb972acc54af0515e3ec3a0"
+  "gitHead": "c725cee0445dbe1ebd1b6588373bde31697113da"
 }
@@ -0,0 +1,45 @@
 import { AccessInput, BaseAccess, IsAccess } from "@certd/pipeline";
@IsAccess({
  name: "aliesa",
  title: "阿里云ESA授权",
  desc: "",
  icon: "ant-design:aliyun-outlined",
  order: 0,
 })
 export class AliesaAccess extends BaseAccess {
  @AccessInput({
    title: "阿里云授权",
    component: {
      name: "access-selector",
      vModel: "modelValue",
      type: "aliyun",
    },
    helper: "请选择阿里云授权",
    required: true,
  })
  accessId = "";
  @AccessInput({
    title: "地区",
    component: {
      name: "a-select",
      vModel: "value",
      options: [
        {
          label: "杭州",
          value: "cn-hangzhou",
        },
        {
          label: "新加坡",
          value: "ap-southeast-1",
        },
      ],
    },
    helper: "请选择ESA地区",
    required: true,
  })
  region = "";
 }
 new AliesaAccess();
@@ -1,2 +1,3 @@
 export * from "./aliyun-access.js";
 export * from "./alioss-access.js";
 export * from "./aliesa-access.js";
@@ -7,3 +7,4 @@ export * from "./qiniu/index.js";
 export * from "./ctyun/index.js";
 export * from "./oss/index.js";
 export * from "./s3/index.js";
 export * from "./lib/index.js";
@@ -0,0 +1 @@
 export * from "./ocr-api.js";
@@ -0,0 +1,3 @@
 export interface IOcrService {
  doOcrFromImage(opts: { image: string }): Promise<{ texts: string[] }>;
 }
@@ -10,6 +10,7 @@ RUN cp /workspace/certd-client/dist/* /workspace/certd-server/public/ -rf
 RUN cd /workspace/certd-server && pnpm install && npm run build-on-docker
 FROM node:22-alpine
 EXPOSE 7001
 EXPOSE 7002
@@ -0,0 +1,2 @@
 #登录与权限开启
 VITE_APP_PM_ENABLED=false
@@ -3,6 +3,45 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 ### Bug Fixes
 * 修复版本比较bug ([109696e](https://github.com/certd/certd/commit/109696e965d68c50c8627ffd40203edd1d2daea5))
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 **Note:** Version bump only for package @certd/ui-client
 ## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
 **Note:** Version bump only for package @certd/ui-client
 ## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
 **Note:** Version bump only for package @certd/ui-client
 ## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
 ### Bug Fixes
 * 授权页面，id列位置不在第一列的bug ([3f1722d](https://github.com/certd/certd/commit/3f1722d54debcb4849dc14521a2da0d9b304b69f))
 ### Performance Improvements
 * 动态加载验证码script ([dcc396a](https://github.com/certd/certd/commit/dcc396afb7a23aeb8af57c01014b09af5f033e61))
 * 验证码支持测试，登录验证码需要测试通过后才能开启 ([83e6476](https://github.com/certd/certd/commit/83e6476408090b741fabb1b542fb458d9a8b4134))
 ## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
 ### Bug Fixes
 * 选择授权对话框编辑时，名称字段排在最后的bug ([31cfb09](https://github.com/certd/certd/commit/31cfb09468bda3272f5f63af65ff3e9272220b39))
 ### Performance Improvements
 * 登录失败时清除验证码状态 ([1c15bea](https://github.com/certd/certd/commit/1c15beadc7fe8a7c6ec1903b7e722ca2f52e05b3))
 ## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
 ### Bug Fixes
@@ -23,6 +23,7 @@
 </div>
 <script type="module" src="/src/main.ts"></script>
-<script src="https://static.geetest.com/v4/gt4.js"></script>
+<!--<script src="https://static.geetest.com/v4/gt4.js"></script>-->
 <!--<script src="https://turing.captcha.qcloud.com/TJCaptcha.js"></script>-->
 </body>
 </html>
@@ -1,11 +1,12 @@
 {
  "name": "@certd/ui-client",
-  "version": "1.36.21",
+  "version": "1.37.1",
  "private": true,
  "scripts": {
    "dev": "vite --open",
    "dev:pm": "vite --mode pm",
    "dev:force": "vite --force",
    "remote": "vite --mode remote --open",
    "debug": "vite --mode debug --open",
    "debug:pm": "vite --mode debugpm",
    "debug:force": "vite --force --mode debug",
@@ -97,6 +98,7 @@
    "vue-cropperjs": "^5.0.0",
    "vue-echarts": "^7.0.3",
    "vue-i18n": "^9.10.2",
    "vue-plugin-load-script": "2.1.1",
    "vue-router": "^4.3.0",
    "vuedraggable": "^4.1.0",
    "watermark-js-plus": "^1.5.8",
@@ -104,8 +106,8 @@
    "zod-defaults": "^0.1.3"
  },
  "devDependencies": {
-    "@certd/lib-iframe": "^1.36.21",
+    "@certd/lib-iframe": "^1.37.1",
-    "@certd/pipeline": "^1.36.21",
+    "@certd/pipeline": "^1.37.1",
    "@rollup/plugin-commonjs": "^25.0.7",
    "@rollup/plugin-node-resolve": "^15.2.3",
    "@types/chai": "^4.3.12",
@@ -1,5 +1,5 @@
 <template>
-  <component :is="captchaComponent" v-if="settingStore.inited" ref="captchaRef" class="captcha_input" :captcha-get="getCaptcha" @change="onChange" />
+  <component :is="captchaComponent" v-if="settingStore.inited" ref="captchaRef" :model-value="modelValue" class="captcha_input" :captcha-get="getCaptcha" @change="onChange" />
 </template>
 <script setup lang="ts">
 import { ref, computed, defineAsyncComponent } from "vue";
@@ -7,6 +7,20 @@ import { useSettingStore } from "/@/store/settings";
 import { nanoid } from "nanoid";
 import { request } from "/@/api/service";
 const props = defineProps({
  modelValue: {
    type: Object,
    default: () => ({}),
  },
  type: {
    type: String,
    default: "image",
  },
  addonId: {
    type: Number,
    default: 0,
  },
 });
 const captchaRef = ref(null);
 const settingStore = useSettingStore();
@@ -17,7 +31,7 @@ const captchaAddonId = computed(() => {
  return settingStore.sysPublic.captchaAddonId ?? 0;
 });
 const captchaComponent = computed(() => {
-  let type = "image";
+  let type: any = props.type ?? "image";
  if (settingStore.sysPublic.captchaAddonId && settingStore.sysPublic.captchaType) {
    type = settingStore.sysPublic.captchaType;
  }
@@ -36,7 +50,7 @@ async function getCaptcha(): Promise<any> {
  });
 }
-function onChange(data) {
+function onChange(data: any) {
  emits("update:modelValue", data);
  emits("change", data);
 }
@@ -44,7 +58,11 @@ function onChange(data) {
 async function getCaptchaForm() {
  return await captchaRef.value.getCaptchaForm();
 }
 async function reset() {
  await captchaRef.value.reset();
 }
 defineExpose({
  getCaptchaForm,
  reset,
 });
 </script>
@@ -2,28 +2,32 @@
  <div ref="captchaRef" class="geetest_captcha_wrapper"></div>
 </template>
 <script setup lang="ts">
-import { onMounted, defineProps, defineEmits, ref, onUnmounted } from "vue";
+import { onMounted, defineProps, defineEmits, ref, onUnmounted, Ref, watch } from "vue";
 import { useSettingStore } from "/@/store/settings";
 import { request } from "/src/api/service";
 import { notification } from "ant-design-vue";
 import { loadScript } from "vue-plugin-load-script";
 const loaded = ref(false);
 async function loadCaptchaScript() {
  // 加载验证码js
  await loadScript("https://static.geetest.com/v4/gt4.js");
  loaded.value = true;
 }
 defineOptions({
  name: "GeetestCaptcha",
 });
 const emit = defineEmits(["update:modelValue", "change"]);
 const props = defineProps<{
  modelValue: any;
  captchaGet: () => Promise<any>;
 }>();
 const captchaRef = ref(null);
 // const addonApi = createAddonApi();
 const settingStore = useSettingStore();
-const captchaInstanceRef = ref({});
+const captchaInstanceRef: Ref = ref({});
 async function init() {
-  // if (!initGeetest4) {
+  await loadCaptchaScript();
  //   await import("https://static.geetest.com/v4/gt4.js");
  // }
  const { captchaId } = await props.captchaGet();
  // @ts-ignore
  initGeetest4(
@@ -35,6 +39,13 @@ async function init() {
      captcha.appendTo(captchaRef.value); // 调用appendTo将验证码插入到页的某一个元素中，这个元素用户可以自定义
      captchaInstanceRef.value.instance = captcha;
      captchaInstanceRef.value.captchaId = captchaId;
      captcha.onSuccess(function () {
        const form = getCaptchaForm();
        if (form) {
          emitChange(form);
        }
      });
    }
  );
 }
@@ -58,29 +69,51 @@ function getCaptchaForm() {
  return result;
 }
-const valueRef = ref(null);
+// const valueRef = ref(null);
-const timeoutId = setInterval(() => {
+// const timeoutId = setInterval(() => {
-  const form = getCaptchaForm();
+//   const form = getCaptchaForm();
-  if (form && valueRef.value != form) {
+//   if (form && valueRef.value != form) {
-    console.log("form", form);
+//     console.log("form", form);
-    valueRef.value = form;
+//     valueRef.value = form;
-    emitChange(form);
+//     emitChange(form);
-  }
+//   }
-}, 1000);
+// }, 1000);
-onUnmounted(() => {
+// onUnmounted(() => {
-  clearTimeout(timeoutId);
+//   clearTimeout(timeoutId);
-});
+// });
 function emitChange(value: string) {
  emit("update:modelValue", value);
  emit("change", value);
 }
 function reset() {
  captchaInstanceRef.value.instance.reset();
 }
 watch(
  () => {
    return props.modelValue;
  },
  value => {
    if (value == null) {
      reset();
    }
  }
 );
 defineExpose({
  getCaptchaForm,
  reset,
 });
 watch(
  () => [props.captchaGet],
  async () => {
    await init();
  }
 );
 onMounted(async () => {
  await init();
 });
@@ -11,10 +11,11 @@
  </div>
 </template>
 <script setup lang="ts">
-import { defineEmits, defineExpose, defineProps, ref } from "vue";
+import { defineEmits, defineExpose, defineProps, ref, watch } from "vue";
 import { nanoid } from "nanoid";
 const props = defineProps<{
  modelValue: any;
  captchaGet?: () => Promise<any>;
 }>();
 defineOptions({
@@ -42,6 +43,7 @@ function getCaptchaForm() {
 defineExpose({
  resetImageCode,
  getCaptchaForm,
  reset: resetImageCode,
 });
 resetImageCode();
@@ -52,7 +54,18 @@ function onChange(value: string) {
  emitChange(form);
 }
-function emitChange(value) {
+watch(
  () => {
    return props.modelValue;
  },
  value => {
    if (value == null) {
      resetImageCode();
    }
  }
 );
 function emitChange(value: any) {
  emit("update:modelValue", value);
  emit("change", value);
 }
@@ -0,0 +1,226 @@
 <template>
  <div ref="captchaRef" class="tencent_captcha_wrapper" :class="{ tencent_captcha_ok: modelValue }" @click="triggerCaptcha">
    <div class="validation-box" :class="{ validated: modelValue != null }">
      <div class="sweep-animation"></div>
      <div class="box-content">
        <div class="box-icon">✓</div>
        <span v-if="modelValue == null" class="status-text">点击进行验证</span>
        <span v-else class="status-text">验证成功</span>
      </div>
    </div>
  </div>
 </template>
 <script setup lang="ts">
 import { onMounted, defineProps, defineEmits, ref, onUnmounted, Ref, watch } from "vue";
 import { notification } from "ant-design-vue";
 import { loadScript } from "vue-plugin-load-script";
 const loaded = ref(false);
 async function loadCaptchaScript() {
  // 加载验证码js
  // var appid = "您的CaptchaAppId";
  // loadScript("https://turing.captcha.qq.com/TJCaptcha.js?appid=" + appid);
  await loadScript("https://turing.captcha.qcloud.com/TJCaptcha.js");
  loaded.value = true;
 }
 loadCaptchaScript();
 defineOptions({
  name: "TencentCaptcha",
 });
 const emit = defineEmits(["update:modelValue", "change"]);
 const props = defineProps<{
  modelValue: any;
  captchaGet: () => Promise<any>;
 }>();
 const captchaRef = ref(null);
 const captchaInstanceRef: Ref = ref({});
 // 定义回调函数
 function callback(res: { ret: number; ticket: string; randstr: string; errorCode?: number; errorMessage?: string }) {
  // 第一个参数传入回调结果，结果如下：
  // ret         Int       验证结果，0：验证成功。2：用户主动关闭验证码。
  // ticket      String    验证成功的票据，当且仅当 ret = 0 时 ticket 有值。
  // CaptchaAppId       String    验证码应用ID。
  // bizState    Any       自定义透传参数。
  // randstr     String    本次验证的随机串，后续票据校验时需传递该参数。
  // verifyDuration     Int   验证码校验接口耗时（ms）。
  // actionDuration     Int   操作校验成功耗时（用户动作+校验完成）(ms)。
  // sid     String   链路sid。
  console.log("callback:", res);
  // res（用户主动关闭验证码）= {ret: 2, ticket: null}
  // res（验证成功） = {ret: 0, ticket: "String", randstr: "String"}
  // res（请求验证码发生错误，验证码自动返回trerror_前缀的容灾票据） = {ret: 0, ticket: "String", randstr: "String",  errorCode: Number, errorMessage: "String"}
  // 此处代码仅为验证结果的展示示例，真实业务接入，建议基于ticket和errorCode情况做不同的业务处理
  if (res.ret === 0) {
    emitChange({
      ticket: res.ticket,
      randstr: res.randstr,
    });
  } else if (res.ret === 2) {
    console.log("用户主动关闭验证码");
  }
 }
 // 定义验证码js加载错误处理函数
 function loadErrorCallback(error: any) {
  // var appid = "您的CaptchaAppId";
  // // 生成容灾票据或自行做其它处理
  // var ticket = "trerror_1001_" + appid + "_" + Math.floor(new Date().getTime() / 1000);
  // callback({
  //   ret: 0,
  //   randstr: "@" + Math.random().toString(36).substr(2),
  //   ticket: ticket,
  //   errorCode: 1001,
  //   errorMessage: "jsload_error",
  // });
  notification.error({
    message: `验证码加载失败：${error?.message || error}`,
  });
 }
 async function triggerCaptcha() {
  if (!loaded.value) {
    notification.error({
      message: "验证码还未加载完成，请稍后再试",
    });
    return;
  }
  const { captchaAppId } = await props.captchaGet();
  try {
    // 生成一个验证码对象
    // CaptchaAppId：登录验证码控制台，从【验证管理】页面进行查看。如果未创建过验证，请先新建验证。注意：不可使用客户端类型为小程序的CaptchaAppId，会导致数据统计错误。
    //callback：定义的回调函数
    // @ts-ignore
    var captcha = new TencentCaptcha(captchaAppId + "", callback, {
      userLanguage: "zh-cn",
      // showFn: (ret: any) => {
      //   const {
      //     duration, // 验证码渲染完成的耗时(ms)
      //     sid, // 链路sid
      //   } = ret;
      // },
    });
    // 调用方法，显示验证码
    captcha.show();
  } catch (error) {
    // 加载异常，调用验证码js加载错误处理函数
    loadErrorCallback(error);
  }
 }
 function emitChange(value: any) {
  emit("update:modelValue", value);
  emit("change", value);
 }
 function reset() {
  captchaInstanceRef.value.instance.reset();
 }
 watch(
  () => {
    return props.modelValue;
  },
  value => {
    if (value == null) {
      reset();
    }
  }
 );
 defineExpose({
  reset,
 });
 </script>
 <style lang="less">
 .tencent_captcha_wrapper {
  .validation-box {
    width: 100%;
    height: 40px;
    margin: 0 auto 30px;
    border: 1px solid #ddd;
    border-radius: 8px;
    display: flex;
    justify-content: center;
    align-items: center;
    cursor: pointer;
    transition: all 0.3s ease;
    position: relative;
    overflow: hidden;
    background-color: #f9f9f9;
  }
  .validation-box:hover {
    border-color: #aaa;
    background-color: #f0f0f0;
  }
  .validation-box.validated {
    border-color: #4caf50;
    background-color: #f1f8e9;
  }
  .box-content {
    display: flex;
    align-items: center;
    justify-content: center;
    z-index: 2;
    position: relative;
  }
  .box-icon {
    font-size: 18px;
    color: #bbb;
    margin-right: 15px;
    transition: all 0.3s ease;
  }
  .validation-box.validated .box-icon {
    color: #4caf50;
  }
  .status-text {
    font-size: 14px;
    font-weight: 500;
    color: #888;
    transition: all 0.3s ease;
  }
  .validation-box.validated .status-text {
    color: #4caf50;
    font-weight: 600;
  }
  /* 划过动画效果 */
  .sweep-animation {
    position: absolute;
    top: 0;
    left: -100%;
    width: 100%;
    height: 100%;
    background: linear-gradient(90deg, transparent, rgba(76, 175, 80, 0.2), transparent);
    z-index: 1;
    opacity: 0;
    transition: opacity 0.3s;
  }
  .validation-box.validated .sweep-animation {
    animation: sweep 0.8s ease forwards;
    opacity: 1;
  }
  @keyframes sweep {
    0% {
      left: -100%;
    }
    50% {
      left: 0;
    }
    100% {
      left: 100%;
    }
  }
 }
 </style>
@@ -45,6 +45,16 @@ export async function DoVerify(id: number) {
  });
 }
 export async function ResetStatus(id: number) {
  return await request({
    url: apiPrefix + "/resetStatus",
    method: "post",
    data: {
      id,
    },
  });
 }
 export async function ParseDomain(fullDomain: string) {
  return await request({
    url: subDomainApiPrefix + "/parseDomain",
@@ -16,6 +16,9 @@
        <a-tooltip v-if="cnameRecord.error" :title="cnameRecord.error">
          <fs-icon class="ml-5 color-red" icon="ion:warning-outline"></fs-icon>
        </a-tooltip>
        <a-tooltip v-if="cnameRecord.status === 'valid'" title="重置校验状态，重新校验">
          <fs-icon class="ml-2 color-yellow text-md pointer" icon="solar:undo-left-square-bold" @click="resetStatus"></fs-icon>
        </a-tooltip>
      </td>
      <td class="center">
        <template v-if="cnameRecord.status !== 'valid'">
@@ -35,6 +38,7 @@ import { ref, watch } from "vue";
 import { dict } from "@fast-crud/fast-crud";
 import * as api from "./api.js";
 import CnameTip from "./cname-tip.vue";
 import { Modal } from "ant-design-vue";
 const statusDict = dict({
  data: [
    { label: "待设置CNAME", value: "cname", color: "warning" },
@@ -71,12 +75,15 @@ function onRecordChange() {
  });
 }
 async function loadRecord() {
  cnameRecord.value = await GetByDomain(props.domain);
 }
 let refreshIntervalId: any = null;
 async function doRefresh() {
  if (!props.domain) {
    return;
  }
-  cnameRecord.value = await GetByDomain(props.domain);
+  await loadRecord();
  onRecordChange();
  if (cnameRecord.value.status === "validating") {
@@ -114,6 +121,17 @@ async function doVerify() {
  }
  await doRefresh();
 }
 async function resetStatus() {
  Modal.confirm({
    title: "重置状态",
    content: "确定要重置校验状态吗？",
    onOk: async () => {
      await api.ResetStatus(cnameRecord.value.id);
      await loadRecord();
    },
  });
 }
 </script>
 <style lang="less">
@@ -175,6 +175,7 @@ export default {
    suiteSetting: "Suite Settings",
    orderManager: "Order Management",
    userSuites: "User Suites",
    netTest: "Network Test",
  },
  certificateRepo: {
    title: "Certificate Repository",
@@ -447,6 +448,7 @@ export default {
  description: "Description",
  createTime: "Creation Time",
  updateTime: "Update Time",
  mainDomain: "Main Domain",
  edit: "Edit",
  groupName: "Group Name",
  enterGroupName: "Please enter group name",
@@ -723,11 +725,14 @@ export default {
      captchaEnabled: "Enable Login Captcha",
      captchaHelper: "Whether to enable captcha verification for login",
      captchaType: "Captcha Setting",
-
+      captchaTest: "Captcha Test",
      // 保存后再点击测试，请务必测试通过了，再开启登录验证码
      captchaTestHelper: "Save and click test, please make sure the test is passed before enabling login captcha",
      baseSetting: "Base Settings",
      registerSetting: "Register Settings",
      safeSetting: "Safe Settings",
      paymentSetting: "Payment Settings",
      captchaSetting: "Captcha Setting",
    },
  },
  modal: {
@@ -181,6 +181,7 @@ export default {
    suiteSetting: "套餐设置",
    orderManager: "订单管理",
    userSuites: "用户套餐",
    netTest: "网络测试",
  },
  certificateRepo: {
    title: "证书仓库",
@@ -453,6 +454,7 @@ export default {
  description: "说明",
  createTime: "创建时间",
  updateTime: "更新时间",
  mainDomain: "主域名",
  edit: "编辑",
  groupName: "分组名称",
  enterGroupName: "请输入分组名称",
@@ -461,7 +463,7 @@ export default {
  batchDeleteConfirm: "确定要批量删除这{count}条记录吗",
  selectRecordFirst: "请先勾选记录",
  subdomainHosted: "托管的子域名",
-  subdomainHelpText: "如果您不理解什么是子域托管，请不要随意设置，可能导致证书无法申请，可以参考文档",
+  subdomainHelpText: "如果您不理解什么是子域托管，请不要随意设置（可能导致证书无法申请，以前设置过的cname记录也需要重新配置），可以参考文档",
  subdomainManagement: "子域管理",
  isDisabled: "是否禁用",
  enabled: "启用",
@@ -725,11 +727,13 @@ export default {
      captchaEnabled: "启用登录验证码",
      captchaHelper: "登录时是否启用验证码",
      captchaType: "验证码配置",
-
+      captchaTest: "测试验证码",
      captchaTestHelper: "保存后再点击测试，请务必测试通过了，再开启登录验证码",
      baseSetting: "基本设置",
      registerSetting: "注册设置",
      safeSetting: "安全设置",
      paymentSetting: "支付设置",
      captchaSetting: "验证码设置",
    },
  },
  modal: {
@@ -14,7 +14,7 @@ import { usePreferences } from "/@/vben/preferences";
 import { LocalStorage } from "/@/utils/util.storage";
 import { FsEditorCode } from "@fast-crud/editor-code";
-import "@fast-crud/editor-code/dist/style.css"
+import "@fast-crud/editor-code/dist/style.css";
 class ColumnSizeSaver {
  save: (key: string, size: number) => void;
@@ -249,6 +249,17 @@ export const sysResources = [
          },
        ],
      },
      {
        title: "certd.sysResources.netTest",
        name: "NetTest",
        path: "/sys/nettest",
        component: "/sys/nettest/index.vue",
        meta: {
          icon: "ion:build-outline",
          auth: true,
          keepAlive: true,
        },
      },
    ],
  },
 ];
@@ -19,6 +19,10 @@ div#app {
  height: 100%;
 }
 pre.pre{
   font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";
 }
 h1,
 h2,
 h3,
@@ -54,8 +54,8 @@ export function useVbenModal<TParentModalProps extends ModalProps = ModalProps>(
          );
      },
      {
        inheritAttrs: false,
        name: "VbenParentModal",
        inheritAttrs: false,
      }
    );
    return [Modal, extendedApi as ExtendedModalApi] as const;
@@ -104,8 +104,8 @@ export function useVbenModal<TParentModalProps extends ModalProps = ModalProps>(
        );
    },
    {
      inheritAttrs: false,
      name: "VbenModal",
      inheritAttrs: false,
    }
  );
  injectData.extendApi?.(extendedApi);
@@ -91,6 +91,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
          type: "number",
          column: {
            width: 50,
            order: -999,
          },
          form: {
            show: false,
@@ -66,6 +66,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
          type: "number",
          column: {
            width: 100,
            order: -999,
          },
          form: {
            show: false,
@@ -75,6 +75,7 @@ export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any, a
      type: "number",
      column: {
        width: 100,
        order: -999,
      },
      form: {
        show: false,
@@ -57,4 +57,3 @@ export async function DeleteBatch(ids: any[]) {
    data: { ids },
  });
 }
@@ -95,6 +95,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
          type: "number",
          column: {
            width: 80,
            order: -999,
          },
          form: {
            show: false,
@@ -67,3 +67,13 @@ export async function DoVerify(id: number) {
    },
  });
 }
 export async function ResetStatus(id: number) {
  return await request({
    url: apiPrefix + "/resetStatus",
    method: "post",
    data: {
      id,
    },
  });
 }
@@ -5,7 +5,7 @@ import { useRouter } from "vue-router";
 import { AddReq, compute, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
 import { useUserStore } from "/@/store/user";
 import { useSettingStore } from "/@/store/settings";
-import { message } from "ant-design-vue";
+import { message, Modal } from "ant-design-vue";
 import CnameTip from "/@/components/plugins/cert/domains-verify-plan-editor/cname-tip.vue";
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
  const router = useRouter();
@@ -79,6 +79,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
          type: "number",
          column: {
            width: 80,
            order: -999,
          },
          form: {
            show: false,
@@ -188,16 +189,32 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
          },
          column: {
            width: 120,
-            align: "center",
+            align: "left",
            cellRender({ value, row }) {
              async function resetStatus() {
                Modal.confirm({
                  title: "重置状态",
                  content: "确定要重置校验状态吗？",
                  onOk: async () => {
                    await api.ResetStatus(row.id);
                    await crudExpose.doRefresh();
                  },
                });
              }
              return (
-                <div class={"flex flex-center"}>
+                <div class={"flex flex-left"}>
                  <fs-values-format modelValue={value} dict={dictRef}></fs-values-format>
                  {row.error && (
                    <a-tooltip title={row.error}>
                      <fs-icon class={"ml-5 color-red"} icon="ion:warning-outline"></fs-icon>
                    </a-tooltip>
                  )}
                  {row.status === "valid" && (
                    <a-tooltip title={"重置校验状态，重新校验"}>
                      <fs-icon class={"ml-5 pointer "} icon="solar:undo-left-square-bold" onClick={resetStatus}></fs-icon>
                    </a-tooltip>
                  )}
                </div>
              );
            },
@@ -251,8 +268,15 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
            },
          },
        },
        mainDomain: {
          title: t("certd.mainDomain"),
          type: "text",
          form: {
            show: false,
          },
        },
        createTime: {
-          title: t("certd.create_time"),
+          title: t("certd.createTime"),
          type: "datetime",
          form: {
            show: false,
@@ -264,7 +288,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
          },
        },
        updateTime: {
-          title: t("certd.update_time"),
+          title: t("certd.updateTime"),
          type: "datetime",
          form: {
            show: false,
@@ -93,6 +93,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
          type: "number",
          column: {
            width: 100,
            order: -999,
          },
          form: {
            show: false,
@@ -217,14 +217,10 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
            show: false,
          },
          column: {
-            sorter: true,
+            sorter: false,
            conditionalRender: false,
            cellRender({ row }) {
-              const {
+              const { applyTime, effectiveTime, expiresTime } = row || {};
                applyTime,
                effectiveTime,
                expiresTime,
              } = row || {};
              if (!expiresTime) {
                return "-";
              }
@@ -385,10 +385,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
          column: {
            conditionalRender: false,
            cellRender({ row }) {
-              const {
+              const { certEffectiveTime: effectiveTime, certExpiresTime: expiresTime } = row || {};
                certEffectiveTime: effectiveTime,
                certExpiresTime: expiresTime,
              } = row || {};
              if (!expiresTime) {
                return "-";
              }
@@ -72,6 +72,7 @@ export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any) {
      type: "number",
      column: {
        width: 100,
        order: -999,
      },
      form: {
        show: false,
@@ -366,10 +366,7 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
          },
          column: {
            cellRender({ row }) {
-              const {
+              const { certEffectiveTime: effectiveTime, certExpiresTime: expiresTime } = row?.lastVars || {};
                certEffectiveTime: effectiveTime,
                certExpiresTime: expiresTime,
              } = row?.lastVars || {};
              if (!expiresTime) {
                return "-";
              }
@@ -21,10 +21,17 @@
            </a-input>
          </a-form-item>
          <a-form-item has-feedback name="captchaForEmail" label="验证码">
-            <CaptchaInput v-model:model-value="formState.captchaForEmail"></CaptchaInput>
+            <CaptchaInput ref="captchaForEmailRef" v-model:model-value="formState.captchaForEmail"></CaptchaInput>
          </a-form-item>
          <a-form-item has-feedback name="validateCode" label="邮件验证码">
-            <email-code v-model:value="formState.validateCode" :captcha="formState.captchaForEmail" :email="formState.input" :random-str="formState.randomStr" verification-type="forgotPassword" />
+            <email-code
              v-model:value="formState.validateCode"
              :captcha="formState.captchaForEmail"
              :email="formState.input"
              :random-str="formState.randomStr"
              verification-type="forgotPassword"
              @error="formState.captchaForEmail = null"
            />
          </a-form-item>
        </a-tab-pane>
        <a-tab-pane key="mobile" tab="手机号找回">
@@ -36,10 +43,17 @@
            </a-input>
          </a-form-item>
          <a-form-item has-feedback name="captchaForSms" label="验证码">
-            <CaptchaInput v-model:model-value="formState.captchaForSms"></CaptchaInput>
+            <CaptchaInput ref="captchaForSmsRef" v-model:model-value="formState.captchaForSms"></CaptchaInput>
          </a-form-item>
          <a-form-item name="validateCode" label="手机验证码">
-            <sms-code v-model:value="formState.validateCode" :captcha="formState.captchaForSms" :mobile="formState.input" :phone-code="formState.phoneCode" verification-type="forgotPassword" />
+            <sms-code
              v-model:value="formState.validateCode"
              :captcha="formState.captchaForSms"
              :mobile="formState.input"
              :phone-code="formState.phoneCode"
              verification-type="forgotPassword"
              @error="formState.captchaForSms = null"
            />
          </a-form-item>
        </a-tab-pane>
      </a-tabs>
@@ -177,6 +177,8 @@ function isNewVersion(version: string, latestVersion: string) {
  for (let i = 0; i < current.length; i++) {
    if (parseInt(latest[i]) > parseInt(current[i])) {
      return true;
    } else if (parseInt(latest[i]) < parseInt(current[i])) {
      return false;
    }
  }
  return false;
@@ -191,7 +193,6 @@ async function loadLatestVersion() {
  const minVersion = settingsStore.productInfo?.app?.minVersion;
  if (minVersion) {
    //
    if (isNewVersion(version.value, minVersion)) {
      notification.error({
        message: settingsStore.productInfo?.app?.minVersionTip ?? "版本过低，为了您的数据安全，请尽快升级",
--- a/Show More
+++ b/Show More
		`@@ -0,0 +1,2 @@`
							`#登录与权限开启`
							`VITE_APP_PM_ENABLED=false`